###BeginCaseStudy###
Case Study: 3
Contoso Ltd
Overview
General Overview
Contoso, Ltd., is an aerospace engineering company that manufactures jet engine
parts for various industries and government agencies. Contoso has an Exchange
Server 2013 organization.
A partner company named Tailspin Toys has an Exchange Server 2010
organization.
Physical Locations
Contoso has two offices. The offices are located in Montreal and Chicago.
Each office contains a data center:
The Montreal and Chicago offices connect to each other by using a direct WAN link.
All connections to the Internet are routed through the Montreal office.
Most of Contoso’s employees work from the Montreal office.
Existing Environment
The network of Contoso is configured as shown in the exhibit. (Click the Exhibit
button.)
The network of Contoso contains the following components:
Client computers that run either Microsoft Outlook 2007 or Outlook 2010.
Users who have a primary SMTP address that uses the contoso.com suffix.
A retention policy that retains all email messages for 580 days and is associated to
all users.
Six servers that have Exchange Server installed. The servers are configured as
shown in the following table.
A data availability group (DAG) named DAG1 that contains all of the mailbox
servers. EX5 is configured as the witness server for DAG1. A file server in the
Chicago office is configured as an alternate witness server. DAG1 has Datacenter
Activation Coordination (DAC) mode enabled.
Requirements
Planned Changes
Contoso plans to implement the following changes:
Implement an organization relationship between Contoso and Tailspin Toys.
Move the mailboxes of all the members of the sales department to Office 365.
Evaluate Unified Messaging (UM) by conducting a small pilot in the Montreal office.
Security Requirements
Contoso identifies the following security requirements:
Ensure that the data in the Exchange Server databases cannot be read if a hard disk
is stolen.
Prevent temporary employees from executing a Reply All or a Forward of any email
messages they receive.
Prevent temporary contractors from changing the configurations of the user accounts
for the users in the research and development department.
Ensure that all of the connections to Outlook Web App from the Internet use
Extensible Authentication Protocol (EAP) protocols and Transport Layer Security
(TLS) protocols.
Secure all of the email messages from the users at Tailspin Toys to the Contoso
users. Ensure that all of the messages can be secured if the certificates at Tailspin
Toys are issued by a trusted third-party certification authority (CA).
Auditing Requirements
Contoso identifies the following requirements for auditing mailboxes:
The manager of the legal department must receive a daily report by email that
contains a record of all the eDiscovery mailbox searches.
Any access to a mailbox by a service account must be excluded from the daily
report.
Compliance Requirements
All of the email messages in the Sent Items folder of each user in the marketing
department of Contoso must be deleted automatically after 365 days.
Office 365 Coexistence Requirements
Contoso identifies the following Office 365 coexistence requirements:
Office 365 users must be able to access their mailbox by using their Active Directory
user account in Contoso.
On-premises users must be able to share free/busy information and calendar
information with the Office 365 users.
###EndCaseStudy###
You need to identify which technologies must be deployed to meet the Office 365 coexistence
requirements.
Which two technologies should you identify? (Each correct answer presents part of the solution.
Choose two.)
A.
the Microsoft Online Services Directory Synchronization tool
B.
Active Directory Federation Services (AD FS) 2.0
C.
Active Directory Rights Management Services (AD RMS)
D.
an internal root CA
E.
Active Directory Lightweight Directory Services (AD LDS)
Explanation:
* Scenario: Contoso identifies the following Office 365 coexistence requirements: / Office 365 users
must be able to access their mailbox by using their Active Directory user account in Contoso. / Onpremises users must be able to share free/busy information and calendar information with the
Office 365 users.
A) When you create an Office 365 mailbox in Exchange Online in a hybrid deployment, the mail user
is created in Active Directory on-premises. Directory synchronization, if it’s configured, automatically
synchronizes this new user object to Office 365, where it’s converted to a cloud mailbox in Exchange
Online. You can create Office 365 mailboxes as regular user mailboxes, resource mailboxes for
meeting rooms and equipment, and shared mailboxes.
B) Step-By-Step: Setting up AD FS and Enabling Single Sign-On to Office 365